EP2031803B1 - Relay network system and terminal adapter apparatus - Google Patents

Relay network system and terminal adapter apparatus Download PDF

Info

Publication number
EP2031803B1
EP2031803B1 EP06756973A EP06756973A EP2031803B1 EP 2031803 B1 EP2031803 B1 EP 2031803B1 EP 06756973 A EP06756973 A EP 06756973A EP 06756973 A EP06756973 A EP 06756973A EP 2031803 B1 EP2031803 B1 EP 2031803B1
Authority
EP
European Patent Office
Prior art keywords
server
network
terminal
address
session
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Not-in-force
Application number
EP06756973A
Other languages
German (de)
English (en)
French (fr)
Other versions
EP2031803A1 (en
EP2031803A4 (en
Inventor
Hidenori Inouchi
Katsumi Konishi
Koh Ohnishi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hitachi Ltd
Original Assignee
Hitachi Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hitachi Ltd filed Critical Hitachi Ltd
Publication of EP2031803A1 publication Critical patent/EP2031803A1/en
Publication of EP2031803A4 publication Critical patent/EP2031803A4/en
Application granted granted Critical
Publication of EP2031803B1 publication Critical patent/EP2031803B1/en
Not-in-force legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/4645Details on frame tagging
    • H04L12/4666Operational details on the addition or the stripping of a tag in a frame, e.g. at a provider edge node
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/54Store-and-forward switching systems 
    • H04L12/56Packet switching systems
    • H04L12/5691Access to open networks; Ingress point selection, e.g. ISP selection
    • H04L12/5692Selection among different networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • H04L45/04Interdomain routing, e.g. hierarchical routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/50Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Definitions

  • the present invention relates to relay network systems and terminal adaptor apparatuses, and more particularly, to an FMC (fixed mobile convergence) relay network system in which a network service for fixed terminals and a network service for mobile terminals are formed by a plurality of relay networks by using Internet Protocol, and to a terminal adaptor apparatus.
  • FMC fixed mobile convergence
  • a UMA (unlicensed mobile access) system As a system for implementing an FMC service by using Internet Protocol (IP), a UMA (unlicensed mobile access) system has been used as a standard.
  • IP Internet Protocol
  • UMA unlicensed mobile access
  • an Internet connection service is provided in which a portable terminal is connected to a home AP (access point) to use a broadband network, and a portable terminal serving as a non-IP terminal is connected through an IPsecGW apparatus called a UNC (unlicensed network controller) when the FMC service is provided in which a VPN (virtual private network) service is provided.
  • the UMA system performs the following processing, for example, to accommodate a portable terminal not conforming to IP in an IP access network.
  • a portable terminal conforming to a UMA standard capsulates an existing communication protocol for portable telephones by IPsec Protocol (IP Security Protocol) and sends it to a GW (gateway) apparatus called the UNC.
  • IPsec Protocol IP Security Protocol
  • the UNC terminates IPsec Protocol to take out the portable-telephone protocol which has been capsulated and connects it to an existing portable telephone network based on the telephone routing.
  • IPsec Protocol an Internet connection service can be provided while the same level of security as with usual portable telephones is provided even through the Internet.
  • the technical specifications of the UMA is disclosed, for example, in www.umatechnology.org (non-patent document 1).
  • the UMA Architecture (stage 2) document discloses in detail the tunneling specifications of a portable telephone protocol using IPsec Protocol.
  • an FMC terminal is a mobile terminal, but when used in a home, the FMC terminal can use a service through a fixed Internet as if it were a fixed terminal.
  • a path control method used in a network where a plurality of paths can be selected is disclosed in which a terminal is connected to a destination address by a default path specified in advance (see patent document 1, for example).
  • a CE (customer edge) router To connect a portable terminal conforming to UMA to the Internet through a fixed access network, a CE (customer edge) router is separately required. For this reason, it is economically desired that the CE router already installed to accommodate fixed terminals in the Internet have a CE-router function for accommodating the portable terminal conforming to UMA.
  • the two functions are simply implemented in a single apparatus, however, the following problem occurs, for example.
  • Fig. 15 when a terminal M (104) accesses a server M (108), there are two relay paths (a path through a fixed ISP network (207) and a path through a mobile ISP network (209)).
  • an object of the present invention is to provide a relay network system that solves a multi-routing issue, which is an issue when an FMC service is provided for a user by using a conventional CE router.
  • Another object of the present invention is to provide a simple way to select a relay path optimum for each service from a plurality of relay paths by introducing L2TP (Layer 2 Tunneling Protocol) - VPN.
  • Still another object of the present invention is to avoid a security problem such as a DoS (denial of service) attack by providing an FMC service on a private network using L2TP-VPN because of no necessity of disclosing the IP address of a server as a DNS (domain name system) record on the Internet.
  • Yet another object of the present invention is to provide a TE (traffic engineering) solution corresponding to MPLS (multi-protocol label switching), generally used in a core network, for an access network at a low cost by using L2TP, which is a standard VPN.
  • TE traffic engineering
  • MPLS multi-protocol label switching
  • the present FMC relay network system is, for example, a communication system that includes a terminal adaptor apparatus which is connected to a network, which accommodates a fixed terminal and a mobile terminal at the same time, and which performs a relay operation; and a VPN termination network apparatus which accommodates a server for providing a service for the fixed terminal and a server for providing a service for the mobile terminal, and which terminates a VPN session with the terminal adaptor apparatus.
  • the terminal adaptor apparatus includes means for identifying a fixed service session between the fixed terminal and the server that provides the service for the fixed terminal and a mobile service session between the mobile terminal and the server that provides the service for the mobile terminal by a VPN identifier attached to a packet and selecting a relay path according to the VPN identifier.
  • the terminal adaptor apparatus may use L2TP as the above-described VPN, obtain the address of a server associated with the VPN identifier from the VPN termination network apparatus by using VPN Protocol, and then, send the address of the server to the terminal in advance.
  • the terminal adaptor apparatus when obtaining the address of a server associated with the above-described VPN identifier from the VPN termination network apparatus by using VPN Protocol, may store the association relationship between the address of the server and the VPN identifier, and, when receiving a packet sent from a terminal to the server, VPN-capsulate the packet by using a VPN header that includes the VPN identifier.
  • the terminal adaptor apparatus may send the address of the server obtained in advance to a terminal that has sent an address solution request for the server.
  • the terminal adaptor apparatus may use, as the above-described VPN identifier, the MAC address of an access-source terminal, the IP address of an access-destination server, and data type information of the frame to be capsulated.
  • the terminal adaptor apparatus when receiving a packet having the above-described VPN identifier, may compare the VPN identifier included in the received packet with a VPN identifier found with the MAC address of an access-source terminal and the IP address of an access-destination server being used as keys; when they match, convert the VPN identifier to a VLAN identifier; and relay to the server.
  • the terminal adaptor apparatus may send the address of the fixed-terminal server to the mobile terminal.
  • the terminal adaptor apparatus may send the address of the mobile-terminal server to the fixed terminal.
  • the present invention it is possible to provide a relay network system that solves a multi-routing issue, which is an issue when an FMC service is provided for a user by using a conventional CE router. According to the present invention, it is also possible to provide a simple way to select a relay path optimum for each service from a plurality of relay paths by introducing L2TP (Layer 2 Tunneling Protocol) - VPN. According to the present invention, it is possible to avoid a security problem such as a DoS (denial of service) attack by providing an FMC service on a private network using L2TP-VPN because of no necessity of disclosing the IP address of a server as a DNS (domain name system) record on the Internet.
  • L2TP Layer 2 Tunneling Protocol
  • TE traffic engineering
  • MPLS multi-protocol label switching
  • a source policy routing function is one of methods for selecting a relay path. This function uses an address assigned to a terminal, as a key to select a relay path. It is not sufficient to have this function only. The function and an issue will be described below with reference to Fig. 15 .
  • an IP routing mechanism in which not only a destination IP address indicating the server M (108) but also an IP address (transmission-source IP address) assigned to the terminal M (104) are used as path search keys is used to determine a relay path to the destination server uniquely.
  • the terminal M (104) is, for example, a UMA terminal.
  • a service structure will be examined in which a GW router M (208) that accommodates a UMA terminal in a core service network (211) gives (assigns) a global IP address to the terminal M (104).
  • the terminal M (104) sends a packet to the server with the assigned global IP address as a transmission source IP address.
  • the CE router A (101) does not apply an IP masquerade function, which converts a transmission-source IP address, to a packet having a global IP address as a transmission-source address. Therefore, the CE router A (101) can determine from a transmission-source address (here, a global IP address) whether the fixed terminal F (103) or the mobile terminal M (104) sent the packet.
  • the source policy routing function By using the source policy routing function, an explicit selection of a relay path in which an access is made to the server M (108) through the mobile ISP network (209) can be implemented.
  • the source policy routing function is implemented as a sub set of multi-routing, where, in a system having a plurality of routing tables, a combination of a transmission-destination IP address, a transmission-source IP address, and other IP header information is used as keys to select only one routing table among the plurality of routing tables.
  • the CE router A (101) applies so-called IP masquerade processing to a packet sent from the terminal M (104) having a private IP address to the server M (108) to convert the private IP address of the transmission source to a global IP address.
  • This processing is often performed before the source policy routing processing, which determines an output path of the packet. Therefore, the transmission-source address is rewritten to a WAN (wide area network) address of a network interface at a default side on the routing table of the CE router A (101). Consequently, unlike the case described above, it becomes impossible to determine an explicit relay path according to the transmission-source IP address assigned to the terminal M (104).
  • a multi-routing function in which a network service is associated with a session ID of L2TP, which is means for implementing VPN, and a relay path is selected according to the session ID associated with the service is introduced into the CE router and a L2TP server serving as an apparatus opposing the CE router, at the network side.
  • L2TP Protocol has been standardized by IETF (Internet Engineering Task Force) as L2TPv2 (RFC 2661) and L2TPv3 (RFC 3931) (non-patent documents 4 and 5).
  • L2TPv2 RRC 2661
  • L2TPv3 radio frequency division duplex
  • the control channel establishes or releases a control connection and a session.
  • the data channel uses a session established by the control channel to perform actual data transfer processing with the use of an L2TP session header.
  • the L2TP session header is capsulated by an IP header (only in L2TPv3) or by a UDP header and an IP header.
  • Fig. 1 shows an FMC communication system using L2TP-VPN.
  • the present communication system includes networks, such as LAN A (201) to which the CE router A belongs, a fixed access network (100), the fixed ISP network (207), the mobile ISP network (209), a core transport network (210), and a core service network (211).
  • networks such as LAN A (201) to which the CE router A belongs, a fixed access network (100), the fixed ISP network (207), the mobile ISP network (209), a core transport network (210), and a core service network (211).
  • the present communication system includes, for example, the CE router (terminal adaptor apparatus) A (101), operating as an L2TP client; a server (106) placed in the core service network (211), for providing a service for both the fixed terminal F (103) and the mobile terminal M (104); and a L2TP server (termination network apparatus) (105) placed in the core transport network (210), for terminating L2TP for the fixed terminal F (103) and the mobile terminal M (104) and for terminating VLAN (virtual LAN) for the server (106).
  • the fixed terminal F (103) and the mobile terminal M (104) are connected to LAN A (201). Outside the area of LAN A (201), the mobile terminal M (104) can connect to the server (106) through a wireless access network in the same way as a usual mobile terminal.
  • the mobile terminal M (104) or the CE router A (101) automatically recognizes the fact and the mobile terminal M (104) is connected to the server (106) through the CE router A (101).
  • the FMC services can be provided by the single server (106) placed in the core service network (211).
  • the server in the core service network (211) is separated into a server F (107) for providing a service for a fixed LAN terminal and a server M (108) for providing a service for a mobile LAN terminal.
  • a description is made on the assumption that the server is formed of a single integrated server (106), but a plurality of servers may be provided.
  • a LAN-type FMC service will be described first as an example service that can be provided as an FMC service.
  • a so-called IP-Centrex service can be mentioned, for example, where a home server usually installed at a home is installed not at a home but at a service network owned by the service provider.
  • a terminal in a LAN is connected to the server in the service network through a communication device such as an Ethernet (registered trademark) at the L2 level.
  • an Ethernet registered trademark
  • the L2TPv3 standard which can support Ethernet over L2TP tunneling, is used, for example.
  • WAN-type FMC services an electronic mail service, a video on demand (VoD) service, and others can be mentioned.
  • VoIP video on demand
  • a large-volume file is downloaded from a server, it is better both in speed and cost to download it through a CE router installed at the home, not at a place where you visit.
  • a terminal in a LAN needs to be connected to the server in the service network at the IP level.
  • the L2TPv2 or L2TPv3 standard is used, for example, which supports PPP over L2TP tunneling.
  • a L2TP connection is introduced between the CE router A (101) and the L2TP server (105), shown in Fig. 1 , to configure a VPN (L2TP-VPN) that connects the points.
  • the L2TP connection connects the home LAN and the core service network by the VPN.
  • L2TP label multiplex function
  • a fixed-terminal service session and a mobile-terminal service session can be logically multiplexed on an identical IP session in one L2TP-VPN.
  • a VPN routing function that uses labels called L2TP session IDs is implemented in the VPN termination apparatus (the CE router and the L2TP server)
  • a service can be explicitly associated with a path used for the service, allowing the FMC service to be realized.
  • a PPPoE (Point-to-Point Protocol over Ethernet) tunnel (204) is used, for example, to connect between the GW router F (206) installed in the fixed ISP network (207) and the CE router A (101).
  • a IPsec tunnel (205) is used, for example, to connect the GW router M (208) installed in the mobile ISP network (209) and the CE router A (101).
  • Internet Protocol is used to connect the fixed ISP network (207), the mobile ISP network (209), the core transport network (210), and the core service network (211).
  • a virtual FMC session specified between the terminal (103 or 104) and the server (106) is performed by mapping it to a session ID of the actual L2TP tunnel specified between the CE router A (101) and the L2TP server (105).
  • the CE router A (101) and the L2TP server (105) selects a relay path (204 or 205) between the fixed terminal F (103) or the mobile terminal M (104) and the server (106) according to the session ID of the L2TP tunnel and the VLAN ID.
  • the integrated server (106) has two IP addresses. For example, it has an address (in the case shown in the figure, 192.168.1.11, hereinafter called a first address 106-F) corresponding to a server that provided a fixed-terminal service and an address (in the case shown in the figure, 192.168.1.21, hereinafter called a second address 106-M) corresponding to a server that provided a mobile-terminal service.
  • the mobile terminal M (104) can use the fixed-terminal service and the fixed terminal F (103) can use the mobile-terminal service.
  • the integrated server (106) has the two IP addresses, as described above, but it may have just one IP address.
  • a first path (F-F) is a connection from the fixed terminal F (103) to the first address (106-F) of the server (106).
  • the first path is established, for example, from the fixed terminal F (103) to the server (106-F) through the CE router A (101), the GW router F (206), and the L2TP server (105).
  • a second path (F-M) is a connection from the fixed terminal F (103) to the second address (106-M) of the server (106).
  • the second path is established, for example, from the fixed terminal F (103) to the server (106-M) through the CE router A (101), the GW router M (208), and the L2TP server (105).
  • a third path (M-M) is a connection from the mobile terminal M (104) and the second address (106-M) of the server (106).
  • the third path is established, for example, from the mobile terminal M (104) to the server (106-M) through the CE router A (101), the GW router M (208), and the L2TP server (105).
  • a fourth path (M-F) is a connection from and the GW router M (208) to the first address (106-F) of the server (106).
  • the fourth path is established, for example, from the mobile terminal M (104) to the server (106-F) through the CE router A (101), the GW router F (206), and the L2TP server (105).
  • Fig. 2 shows an example hardware structure of the CE router A (101).
  • the CE router A (101) includes a CPU (central processing unit) (301), a memory (302), and network interfaces (304 and 305).
  • the CPU (301) actually executes various application programs and an OS (operating system).
  • the memory (302) stores a program used in the execution at the CPU (301) and the various application programs.
  • the CPU (301), the memory (302), and the interfaces (304 and 305) are connected to each other via a bus (303).
  • the number of interfaces is not limited to that shown in the figure, but may be any appropriate number.
  • the interfaces (304 and 305) send data received from the CPU (301) and the memory (302), to an external unit.
  • the interfaces (304 and 305) are connected to lines (306 and 307), respectively.
  • One of the interfaces (304 and 305) is connected, for example, to a line connected to the fixed access network (100).
  • One or a plurality of the interfaces (304 and 305) serves as a wired or wireless interface for connecting to the fixed terminal F (103) and the mobile terminal M (104).
  • Fig. 3 shows information stored in the memory (302) of the CE router A (101).
  • the memory (302) stores, for example, tables such as a DNS proxy table (312), a session management table (313), and a routing management table (314), and programs such as an L2 transfer processor (315), an L2TP signal processor (308), an L2TP transfer processor (309), a source IP address bind processor (310), and an IP routing processor (311).
  • Each program can be read and executed by the CPU (301).
  • the L2TP signal processor (308) includes a call processor for establishing and releasing a control connection between the CE router A (101) and the L2TP server (105), and a session manager for establishing and releasing a session between the CE router A (101) and the L2TP server (105).
  • the L2TP transfer processor (309) performs L2TP capsulation for a data frame received from the LAN A (201) and L2TP decapsulation for an L2TP data frame received from the WAN (in the case shown in Fig. 1 , the fixed access network 100).
  • the source IP address bind processor (310) determines a transmission-source IP address according to relay path information of the session management table (313).
  • the IP routing processor (311) performs IP routing according to the IP header determined by the IP address bind processor (310).
  • the L2 transfer processor (315) performs L2 transfer.
  • the DNS proxy table (312) stores information used to perform a process for returning the IP address of the server (106) in response to a server domain name solution inquiry sent from the terminal (103 or 104).
  • the DNS proxy table (312) also stores information used to perform a process for returning a server domain name in response to a server IP address solution inquiry.
  • the routing management table (314) is, for example, a table for IP routing.
  • the session management table (313) will be described in detail later.
  • Fig. 4 shows an example hardware structure of the L2TP server (105).
  • the L2TP server (105) includes a CPU (401), a memory (402), and network interfaces (404 and 405).
  • the CPU (401) actually executes various application programs and an OS (operating system).
  • the memory (402) stores a program used in the execution at the CPU (401) and the various application programs.
  • the CPU (401), the memory (402), and the interfaces (404 and 405) are connected to each other via a bus (403).
  • the number of interfaces is not limited to that shown in the figure, but may be any appropriate number.
  • the interfaces (404 and 405) send data received from the CPU (401) and the memory (402), to an external unit.
  • the interfaces (404 and 405) are connected to lines (406 and 407), respectively.
  • One or a plurality of the interfaces (404 and 405) is connected, for example, to the fixed ISP network (207) and the mobile ISP network (209).
  • One or a plurality of the interfaces (404 and 405) is connected to the core service network (211).
  • Fig. 5 shows information stored in the memory (402) of the L2TP server (105).
  • the memory (402) stores, for example, a session management table (413), and programs such as an L2TP signal processor (408), an L2TP transfer processor (409), an IP routing processor (411), and a VLAN tag processor (420).
  • a routing management table may be further stored.
  • the difference with the CE router A (101) is, for example, that the DNS proxy table (312) and the source IP address bind processor (310) are removed and the VLAN tag processor (420) is added. A description is omitted for the same components as the CE router A (101).
  • the VLAN tag processor (320) When an L2TP session having a PW (pseudo wire) type of Ether is terminated, the VLAN tag processor (320) performs mapping of the L2TP session ID and a VLAN tag. If the VLAN tag processor is not provided, it is difficult to separate L2 traffic received from a plurality of LANs, at the inlet of the server when a LAN-type FMC service is provided. VLAN tags are provided in order to separate L2 traffic received from a plurality of LANs.
  • the session management table (413) will be described in detail later.
  • Fig. 6 shows an example structure of the session management table (313) of the CE router A (101).
  • the session management table (313) includes a source MAC address field for storing the MAC address of the terminal (103 or 104) managed by the CE router A (101); a destination server domain name field for storing the domain name of the server (106) which the terminal (103 or 104) accesses; a relay path PW type field for indicating a relay path; an L2TP session ID field for storing a session ID exchanged at the L2TP signal processor (308); and a destination server IP address field for storing an IP address corresponding to the destination server domain name.
  • the relay path PW type is set to "Ether", for example, when the mobile ISP network (209) is used; and the PW type is set to "PPP" when the fixed ISP network (207) is used.
  • PW type is set to "Ether" when the fixed ISP network (207) is used.
  • appropriate identification information indicating that the mobile ISP network (209) is used and the fixed ISP network (207) is used.
  • the items (source MAC address, destination server domain name, and relay path PW type) located at the left of a doubled line are determined by provisioning. For example, these items can be determined in advance by the user through the management interface of the CE router A (101) or determined in advance by the carrier or the FMC service provider according to the conditions of the contract with the user.
  • the items (session ID and destination server IP address) located at the right of the doubled line are determined and stored by L2TP Protocol. A process for storing the session ID and destination server IP address will be described in detail later. The case shown in the figure corresponds to the first path to the fourth path described before.
  • the DNS proxy table (312) of the CE router A (101) has a function for performing an IP address solution corresponding to the DNS domain name of the destination server (106) which the terminal (103 or 104) accesses, as a proxy of the terminal, for caching the name solution result in itself, and for managing it. It is also possible to have a configuration in which, in response to a DNS name solution request sent from the terminal (103 or 104), the CE router A (101) returns the IP address stored in the destination server IP address field of the session management table (313) as an IP address managed by itself. In that case, information associating the IP address and DNS domain name, which is managed by the DNS proxy table (312) can be included is destination server information of the session management table (313).
  • Fig. 7 shows an example structure of the session management table (413) of the L2TP server (105).
  • the session management table (413) includes a source MAC address field for storing the MAC address of the terminal (103 or 104) managed by the CE router A (101); a destination server domain name field for storing the domain name of the server (106) which the terminal (103 or 104) accesses; a destination server IP address field for storing an IP address corresponding to the destination server domain name; a VLAN ID field for storing a VLAN ID identifying the VLAN with the destination server (106); and an L2TP session ID field for storing a session ID exchanged at the L2TP signal processor (408).
  • the differences from Fig. 6 are, for example, that the relay path field is removed and the VLAN ID field is added.
  • the items (source MAC address, destination server domain name, destination server IP address, and VLAN ID) located at the left of a doubled line are determined by provisioning. For example, these items can be determined in advance through the management interface of the L2TP server (105).
  • the source MAC address and destination server domain name may be received from the CE router A (101).
  • the item (session ID) located at the right of the doubled line is determined and stored by L2TP Protocol. A process for storing the session ID will be described in detail later.
  • the FMC services can be provided by the single server (106) placed in the core service network (211).
  • the server in the core service network (211) is separated into the server F (107) for providing a service for a fixed LAN terminal and the server M (108) for providing a service for a mobile LAN terminal.
  • the CE router A (101) specifies in advance, as an L2TP client, an L2TP session through the fixed ISP network (207) with the L2TP server (105). Then, the CE router A (101) is configured such that an L2TP header that includes the L2TP session ID exchanged by L2TP signal processing protocol between the client and server is given to a data packet sent from the fixed terminal F (103) to the server (106) and an output path through the fixed ISP network (207) is selected according to the given L2TP session ID. For example, in Fig.
  • the sessions corresponding to session IDs 1 and 4 are established through the fixed ISP network (207). Therefore, when a data packet to which an L2TP header that includes session ID 1 or 4 is given is output by selecting the session corresponding to the session ID, an output path through the fixed ISP network can be selected.
  • the CE router A (101) specifies in advance, as an L2TP client, an L2TP session through the mobile ISP network (209) with the L2TP server (105). Then, the CE router A (101) is configured such that an L2TP header that includes the L2TP session ID is given to a data packet sent from the mobile terminal M (104) to the server (106) and an output path through the mobile ISP network is selected according to the given L2TP session ID. For example, in Fig. 6 , the sessions corresponding to session IDs 2 and 3 are established through the mobile ISP network (209). Therefore, when a data packet to which an L2TP header that includes session ID 2 or 3 is given is output by selecting the session corresponding to the session ID, an output path through the mobile ISP network (209) can be selected.
  • An FMC terminal evolving from a mobile terminal, can establish a session through a mobile ISP network with a server that provides a fixed terminal service although the FMC terminal is basically a mobile terminal.
  • Various FMC services can be provided when such flexible L2TP sessions are allowed.
  • Fig. 8 shows a control connection establishment process flow for establishing an L2TP session and a session establishment process flow.
  • Each process is executed, for example, by the L2TP signal processor (308) of the CE router A (101) and the L2TP signal processor (408) of the L2TP server (105).
  • the session management tables (313 and 413) have been specified by provisioning in the CE router A (101) and the L2TP server (105).
  • the CE router A (101) and the L2TP server (105) execute the control connection establishment process (601).
  • the CE router A (101) first generates an AVP (attribute value pair) in order to establish a control connection.
  • the CE router A (101) in response to a session establishment request sent from the fixed terminal F (103) or the mobile terminal M (104), the CE router A (101) generates a server-type AVP in addition to a usual AVP when the control connection is established.
  • the session establishment request sent from the fixed terminal F (103) or the mobile terminal M (104) includes the transmission-source MAC address and destination server domain name.
  • An AVP means not a group of two items (label and a value given to the label) but a group of three items (label, a value given to the label, and an attribute).
  • Fig. 9(a) shows an example data format of the server-type AVP.
  • the server-type AVP is used, for example, by the CE router A (101) to obtain the IP address of a server (106) which can provide an FMC server, disposed beyond the L2TP server (105).
  • the CE router A (101) adds the generated AVP to a start-control-connection-request (SCCRQ) and sends it to the L2TP server (105).
  • SCCRQ start-control-connection-request
  • the CE router A (101) may send the SCCRQ through either the fixed ISP network (207) or the fixed ISP network (209).
  • the L2TP server (105) To send a start-control-connection-reply (SCCRP) in response to the SCCRQ, the L2TP server (105) generates an AVP to be given to the SCCRP.
  • the L2TP serer generates a server address AVP in addition to an AVP for control connection establishment.
  • Fig. 9(b) shows an example data format of the server address AVP.
  • the server address AVP is used, for example, by the L2TP server (105) to report the IP address of the server (106) disposed beyond the L2TP server (105) to the terminal (103 or 104).
  • a DNS server or a DHCP Dynamic Host Configuration Protocol
  • the address of a server dedicated to a closed FMC service on the basis of L2TP-VPN is reported with the use of an AVP extension of L2TP because the address is not made public to the Internet.
  • the closed FMC service means a service obtained by combining a CUG (closed user group) service where only members who are allowed to access can access and an FMC service.
  • the L2TP server (105) adds, for example, the IP address of a server corresponding to the server type included in the server-type AVP in the SCCRQ to the AVP.
  • the server type is "fixed (F)"
  • the L2TP server (105) adds the address (in the case shown in Fig. 1 , 192.168.1.11) of the integrated server (106) for fixed terminals.
  • the server type is "mobile (M)”
  • the L2TP server (105) adds the address (in the case shown in Fig. 1 , 192.168.1.21) of the integrated server (106) for mobile terminals.
  • These addresses can be stored in a memory in advance in association with the server types.
  • the L2TP server (105) adds the generated AVP to the SCCRP and sends it to the CE router A (101).
  • the CE router A (101) When the CE router A (101) receives a response message of the SCCRQ, the CE router A (101) analyzes the message to determine whether it is an SCCRP. When the received message is an SCCRP, the CE router A (101) analyzes the AVP given to the message. The CE router A (101) obtains the IP address of the server corresponding to the server address AVP shown in Fig. 9(b) , and specifies it in the session management table (313). For example, the CE router A (101) stores the IP address of the server, obtained corresponding to the transmission source address and the destination server domain name of the request received from the fixed terminal F (103) or the mobile terminal M (104), in the received-light server IP address field. It may be stored in the DNS proxy table (312).
  • the L2TP server (105) After sending the SCCRP, the L2TP server (105) awaits until it receives a start-control-connection-connected (SCCCN). Receiving the SCCCN, the L2TP server (105) establishes a control connection and ends the control connection establishment process.
  • the CE router A (101) may send the obtained server address to the terminal (103 or 104) at appropriate timing.
  • the SCCRQ signal, SCCRP, and the SCCCN signal form a three-way hand shake signal, and mean a L2TP service start report from the client, a service permission report from the server, and a service setting completion report from the client. Only one L2TP control connection is established between the client and server, and then, an actual section is established on that service by using the following signals.
  • the CE router A (101) executes session establishment processes (602 and 603). More specifically, according to the transmission-source MAC addresses and destination server domain names included in the session establishment requests sent from the fixed terminal F (103) and the mobile terminal M (104), the CE router A (101) first refers to the session management table (313) to obtain corresponding relay path PW types. According to the PW type, the CE router A (101) sends an ICRQ signal to the L2TP server (105) through the fixed ISP network (207) or the mobile ISP network (209). For example, when the PW type is "PPP", the CE router A (101) executes the session establishment process (602) through the fixed ISP network (207).
  • the CE router A (101) executes the session establishment process (603) through the mobile ISP network (209).
  • the session establishment process (602) through the fixed ISP network (207) and the session establishment process (603) through the mobile ISP network are the same except that the networks used differ.
  • messages such as an incoming-call-request (ICRQ), an incoming-call-reply (ICRP), and an incoming-call-connected (ICCN) are exchanged to establish the fixed-terminal session and the mobile-terminal session.
  • ICRQ incoming-call-request
  • ICRP incoming-call-reply
  • ICCN incoming-call-connected
  • the ICRQ signal, the ICRP signal, and the ICCN signal form a three-way hand shake signal, and mean a L2TP start report from the client, a session permission report from the server, and a session setting completion report from the client, on an L2TP control connection established by the SCCRQ, SCCRP, and SCCCN signals.
  • the CE router A (101) stores session IDs for identifying the sessions in the session management table (313).
  • the session IDs are stores in association with the transmission-source MAC addresses and the destination server domain names included in the session establishment requests sent from the fixed terminal F (103) and the mobile terminal M (104).
  • the L2TP server (105) When the sessions are established, the L2TP server (105) also stores session IDs for identifying the sessions in the session management table (413). For example, the session IDs are stores in association with the transmission-source MAC addresses of the fixed terminal F (103) and the mobile terminal M (104), and the destination server domain name or destination server IP address. The transmission-source MAC addresses of the fixed terminal F (103) and the mobile terminal M (104), and the destination server domain name or destination server IP address are obtained from the CE router A (101) at any timing during the session establishment processes. With the above-described processes, the L2TP sessions are established between the CE router A (101) and the L2TP server (105).
  • Fig. 10 is a flowchart of a packet transfer process in the CE router A (101).
  • Fig. 11 is a diagram showing a data packet transfer process from a LAN line to a WAN line in the CE router A (101).
  • the L2TP signal processor (308) executes the processes shown in Fig. 8 in advance to generate the session management table (313), shown in Fig. 6 .
  • the L2TP transfer processor (309) captures an Ether frame (801) in the data frame input from the LAN A (201). Then, the L2TP transfer processor (309) searches the session management table (313) with the source MAC address and destination IP address extracted from the captured Ether frame as keys (802). When the search was successful (when the source MAC address and destination IP address were found) (803), the L2TP transfer processor (309) gives an L2TP session header (804).
  • the corresponding session ID and PW type are obtained from the session management table (313) and a L2TP session header that includes the obtained session ID is given to the capture Ether frame.
  • the L2TP transfer processor (309) also gives the PW type to the Ether frame at appropriate timing.
  • the source IP address binding processor (310) determines the source IP address (805).
  • the source IP address binding process is similar to an IP masquerade process generally performed by a usual CE router, in which the transmission source IP address is converted from the LAN local address to a WAN global address, but differs from the IP masquerade process in that, even when a plurality of IP addresses is given at the WAN side, a socket bind process for an IP address corresponding to the WAN interface corresponding to an appropriate relay path is performed with the L2TP session ID being used as a key.
  • the transmission-source IP address is determined according to relay path information included in the session management table (312) in the source address binding process itself.
  • the socket bind process here means that the transmission source apparatus (client) binds the destination IP address and the upper protocol (such as a port number) to a socket process to allow an upper application to send packets, and the transmission destination apparatus (server) binds the own IP address and the upper protocol (such as a port number) to a socket process to allow the upper application to receive the packets.
  • client binds the destination IP address and the upper protocol (such as a port number) to a socket process to allow an upper application to send packets
  • the transmission destination apparatus (server) binds the own IP address and the upper protocol (such as a port number) to a socket process to allow the upper application to receive the packets.
  • source bind process in which the upper application explicitly binds the IP address given to the network interface as a source address to the socket process.
  • the IP routing processor (311) outputs a packet to an access line (809).
  • the packet is sent by using the session (L2TP tunnel) corresponding to the session ID. Because a data transfer process from the WAN line to the LAN line is performed according to a usual IP routing process, a description thereof is omitted.
  • Fig. 12 is a flowchart of a packet transfer process in the L2TP server (105).
  • Fig. 13 is a diagram showing a data packet transfer process from the core transport network (210) to the core service network (211) in the L2TP server (105). The difference with Fig. 11 is that the VLAN tag processor (420) is used instead of the source IP address bind processor (310).
  • the VLAN tag process includes a process performed by a transmission source apparatus (client or L2TP server 105) to generate a VLAN tag and insert it between an L2 frame of Ethernet (registered trademark) or the like and an IP frame, and a process performed by a transmission destination apparatus (server 106) to remove the VLAN tag inserted between the L2 frame of Ethernet (registered trademark) or the like and the IP frame.
  • a transmission source apparatus client or L2TP server 105
  • server 106 to remove the VLAN tag inserted between the L2 frame of Ethernet (registered trademark) or the like and the IP frame.
  • the L2TP signal processor (408) executes the processes shown in Fig. 8 in advance to generate the session management table (413), shown in Fig. 7 .
  • the L2TP transfer processor (409) captures an IP frame (811) in the data frame input from the core transport network (210). Then, the L2TP server (105) searches the session management table (413) with the PW type, destination IP address, and session ID extracted from the captured IP frame being used as keys to check the consistency of the L2TP header by whether a corresponding entry exists (812). When the consistency was confirmed (812), the L2TP transfer processor (409) deletes the L2TP session header (813). If the consistency was not confirmed (812), the L2TP transfer processor (409) discards the received packet (817).
  • the L2TP server (105) refers to the PW (virtual wire) type.
  • the VLAN tag processor (420) gives a VLAN tag (815). If the PW type is not "Ether” (814), giving a VLAN tag is skipped.
  • the L2TP server (105) uses the IP routing processor (411) to output the packet (816) to the server (106) located at the core service network (211). Because the same process needs to be performed when data is transferred from the core service network to the core transport network (direction reverse to that described above), a description for this case will be omitted.
  • so-called multi-routing processing can be realized in which the L2TP session tables (313 and 413) are used to make the MAC address of the LAN terminal (103 or 104) and the IP address of the server (106) a pair of keys and a desired relay path is selected among a plurality of relay path with the pair of keys. It is also possible to have a setting where the MAC addresses of the LAN terminals (103 and 104) and the types (fixed terminal and mobile terminal) of the LAN terminals are associated with each other in advance to guarantee, for example, that the mobile terminal M (104) accesses the server through the mobile ISP and the fixed terminal F (103) accesses the server through the fixed ISP.
  • the CE router A (101) can send the IP address of a server that provides an FMC service, to the LAN terminals controlled by the CE router A (101), and at the same time, the CE router A (101) can appropriately select communication paths between the LAN terminals and the service network.
  • the CE router A (101) may acquire in advance the address of the server (106) associated with a VPN identifier (session ID) from the L2TP server (105) by using VPN Protocol and send the address of the server (106) to the terminals in advance.
  • the CE router A (101) may acquire in advance the address of the server (106) associated with a VPN identifier from the L2TP server (105) by using VPN Protocol and send the address of the server (106) to a terminal (103 or 104) that sends an address solution request for the server (106).
  • the CE router A (101) may acquire the address of the server (106-F) that provides a fixed-terminal service from the L2TP server (105) by using VPN Protocol and then, send the address of the server for the fixed terminal, to the mobile terminal M (104).
  • the CE router A (101) may acquire the address of the server (106-M) that provides a mobile-terminal service from the L2TP server (105) by using VPN Protocol and then, send the address of the server for the mobile terminal, to the fixed terminal F (103).
  • a fifth path is a path (F-F-M) from the fixed terminal F (103) through the fixed ISP network (207) to the second address (106-M) of the server (106).
  • the fixed terminal F (103) connects the server (106-M) through the CE router A (101), the GW router F (206), and the L2TP server (105).
  • a sixth path is a path (F-M-F) from the fixed terminal F (103) through the mobile ISP network (209) to the first address (106-F) of the server (106).
  • the fixed terminal F (103) connects the server (106-F) through the CE router A (101), the GW router M (208), and the L2TP server (105).
  • a seventh path is a path (M-M-F) from the mobile terminal M (104) through the mobile ISP network (209) to the first address (106-F) of the server (106).
  • the mobile terminal M (104) connects the server (106-F) through the CE router A (101), the GW router M (208), and the L2TP server (105).
  • An eighth path is a path (M-F-M) from the GW router (208) through the fixed ISP network (207) to the second address (106-M) of the server (106).
  • the mobile terminal M (104) connects the server (106-M) through the CE router A (101), the GW router F (206), and the L2TP server (105).
  • These paths can be stored in the session management table (313) of the CE router A (101) and the session management table (413) of the L2TP server (105), described above.
  • Fig. 14 is a diagram showing the structure of a communication system that does not use L2TP-VPN.
  • a mobile terminal is not accommodated by a home LAN.
  • a mobile terminal M (203) located in a Cell B (202) connects to a server M (208) through an AP router B (102) of a wireless access network (200) and a GW router M (208) of a mobile ISP network (209).
  • the mobile terminal M (203) moves into a LAN A (201)
  • the mobile terminal M (203) connects to a server F (107), for example, through a CE router A (1101) and a GW router F (206) of a fixed ISP network (207).
  • Fig. 15 is a diagram showing the structure of an FMC communication system that does not use L2TP-VPN.
  • a mobile terminal is accommodated by a home LAN.
  • the FMC communication system shown in Fig. 15 includes, for example, a LAN A (201) to which a CE router A (1101) belongs, a fixed access network (100), a fixed ISP network (207), a mobile ISP network (209), a core transport network (210), and a core service network (211).
  • the communication system is provided, for example, with the CE (customer edge) router A (1101), a server (107) installed in the core service network (211) and providing a service for a fixed terminal F (103), and a server (108) providing a service for a mobile terminal M (104).
  • the CE (customer edge) router A (1101) is connected, for example, to the fixed terminal F (103) connected to the LAN A (201) and to the mobile terminal M (104) connected to the LAN A (201).
  • the fixed ISP network (207) is provided with a GW router F (206), and the mobile ISP network (209) is provided with a GW router M (208).
  • the CE router A (1101) and the GW router F (206) installed in the fixed ISP network (207) are connected, for example, by a PPPoE tunnel (204).
  • the CE router A (1101) and the GW router M (208) installed in the mobile ISP network (209) are connected, for example, by an IPsec tunnel (205).
  • the fixed ISP network (207), the mobile ISP network (209), the core transport network (210), and the core service network (211) are connected by Internet Protocol.
  • FMC services are realized when the CE router A (1101) explicitly associates paths with services to be used between the CE router A (1101) and the servers (107 and 108) in advance.
  • Fig. 16 shows an example structure of a session management table (1313) of the CE router A (1101).
  • a routing table ID is used, for example, instead of the L2TP session ID used in the above-described embodiment.
  • the routing table ID is the ID of a routing table among a plurality of routing tables.
  • Linux can have a plurality of routing tables, but actually, only one routing table is selected and used.
  • the session management table (1313) includes a source MAC address field for storing the MAC address of the terminal (103 or 104) managed by the CE router A (1101); a destination server IP address field for storing an IP address of a server that the terminal (103 or 104) accesses; a relay path PW type field for indicating a relay path; and a routing table ID field.
  • the relay path PW type is set to "Ether", for example, when the mobile ISP network is used; and the PW type is set to "PPP" when the fixed ISP network is used. In addition to these settings, appropriate identification information indicating that the mobile ISP network is used and the fixed ISP network is used. These pieces of information are determined by provisioning. Paths corresponding to the first to eighth paths, described above, can be used between the terminals (103 and 104) to the servers (107 and 108).
  • Fig. 17 is a diagram showing a data packet transfer process from a LAN line to a WAN line in the CE router A (1101).
  • the session management table (1313) Prior to data transfer, the session management table (1313), shown in Fig. 16 , is generated in advance.
  • an L2 transfer processor (1315) captures an Ether frame in the data frame input from the LAN A (201). Then, the L2 transfer processor (1315) searches the session management table (1313) with the source MAC address and destination IP address extracted from the captured Ether frame as keys. When the source MAC address and destination IP address are found, a corresponding session ID and PW type are acquired. The PW type is given to the captured Ether frame.
  • a source IP address binding processor (310) determines a source IP address.
  • the routing table corresponding to an acquired routing table ID is referenced.
  • a plurality of routing tables are provided in association with routing table IDs.
  • the tables corresponding to routing table IDs 1, 3, and 4 are configured such that a packet is sent to the server (107 or 108) through the GW router F (206).
  • the table corresponding to a routing table ID 2 is configured such that a packet is sent to the server (107 or 108) through the GW router M (208).
  • an IP routing professor (1311) outputs the packet to the access line.
  • the packet is sent through either the GW router F (206) or the GW router M (208) according to the routing table ID. Because a data transfer process from the WAN line to the LAN line is performed according to a usual IP routing process, a description thereof is omitted.
  • the present invention can be used, for example, in FMC systems.
  • the present invention can be used in a network system in which a fixed-terminal network service and a mobile-terminal network service are configured with a plurality of relay networks by using Internet Protocol, for example.

Abstract

 サーバへの複数の中継経路の中から最適な経路を選択する。  マルチルーティング問題を解決するために、IPアドレスを中継経路選択のキーにするのではなく、アクセス元の端末とアクセス先のサーバ種別に対応するラベルにより中継経路を決定するマルチルーティング方式を導入する。また、L2TPによるVPNを導入する。CEルータA(101)は、収容する端末(103、104)のMACアドレスを、L2TP-VPNセッションにマッピングする。VPNセッションIDとしてL2TPのセッションIDを用い、これをキーにして中継経路の選択を行う。
EP06756973A 2006-06-05 2006-06-05 Relay network system and terminal adapter apparatus Not-in-force EP2031803B1 (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2006/311222 WO2007141840A1 (ja) 2006-06-05 2006-06-05 中継ネットワークシステム及び端末アダプタ装置

Publications (3)

Publication Number Publication Date
EP2031803A1 EP2031803A1 (en) 2009-03-04
EP2031803A4 EP2031803A4 (en) 2011-03-30
EP2031803B1 true EP2031803B1 (en) 2012-05-30

Family

ID=38801112

Family Applications (1)

Application Number Title Priority Date Filing Date
EP06756973A Not-in-force EP2031803B1 (en) 2006-06-05 2006-06-05 Relay network system and terminal adapter apparatus

Country Status (5)

Country Link
US (1) US8159989B2 (ja)
EP (1) EP2031803B1 (ja)
JP (1) JP4598859B2 (ja)
CN (1) CN101461198B (ja)
WO (1) WO2007141840A1 (ja)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4427567B2 (ja) * 2007-07-03 2010-03-10 株式会社東芝 無線通信装置及び無線通信方法
CN101227407B (zh) * 2008-01-25 2011-08-10 华为技术有限公司 基于二层隧道协议的报文发送方法及装置
JP5182051B2 (ja) * 2008-12-10 2013-04-10 富士通株式会社 サービスサーバおよびこれを用いた通信システム
CN102362467B (zh) * 2009-03-26 2014-12-03 华为技术有限公司 一种提供路由服务的方法、设备和系统
CN102118719B (zh) * 2009-12-30 2013-12-18 北京邮电大学 移动智能信息服务系统、适配转换装置及方法
JP5569697B2 (ja) * 2011-03-09 2014-08-13 村田機械株式会社 中継サーバ及び中継通信システム
CN102111311A (zh) 2011-03-18 2011-06-29 杭州华三通信技术有限公司 通过二层隧道协议访问监控私网的方法及服务器
CN103503384B (zh) * 2011-04-21 2016-06-08 村田机械株式会社 中继服务器及中继通信系统
US20140036852A1 (en) * 2011-05-27 2014-02-06 Alcatel-Lucent Method of communication under network condition converging cellular network and wlan
CN103023729A (zh) * 2011-09-22 2013-04-03 中兴通讯股份有限公司 中继节点选择方法及装置
JP5658830B2 (ja) * 2011-09-28 2015-01-28 京セラ株式会社 無線中継装置及びその通信制御方法、通信システム
JP2013098676A (ja) * 2011-10-31 2013-05-20 Buffalo Inc 通信システム、通信方法及びコネクションサーバ
CN102546653A (zh) * 2012-02-02 2012-07-04 北京圣世信通科技发展有限公司 一种水资源数据通讯中间件
US10187299B2 (en) * 2016-04-22 2019-01-22 Blackridge Technology Holdings, Inc. Method for using authenticated requests to select network routes
US10170960B2 (en) * 2016-11-18 2019-01-01 Gianfranco Guercio Energy harvesting system
CN107026793B (zh) * 2017-03-31 2018-11-13 腾讯科技(深圳)有限公司 路由方法、装置及系统
EP4140106A1 (en) * 2020-04-23 2023-03-01 Juniper Networks, Inc. Session monitoring using metrics of session establishment
CN114553636B (zh) * 2022-02-18 2024-05-03 山东迈特力重机有限公司 一种通过中继lns主动访问局域网的方法和系统

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11112570A (ja) 1997-10-08 1999-04-23 Nec Corp 経路制御方法およびドメインネームシステムサーバ決定方法
CN1310478C (zh) * 1999-02-23 2007-04-11 阿尔卡塔尔互联网运行公司 具有独立协议堆栈体系结构的多业务网络交换机
JP2001285354A (ja) * 2000-03-30 2001-10-12 Hitachi Ltd 通信路設定方法
JP3963690B2 (ja) * 2001-03-27 2007-08-22 富士通株式会社 パケット中継処理装置
JP4236398B2 (ja) * 2001-08-15 2009-03-11 富士通株式会社 通信方法、通信システム及び通信接続プログラム
US7606190B2 (en) * 2002-10-18 2009-10-20 Kineto Wireless, Inc. Apparatus and messages for interworking between unlicensed access network and GPRS network for data services
US7350077B2 (en) * 2002-11-26 2008-03-25 Cisco Technology, Inc. 802.11 using a compressed reassociation exchange to facilitate fast handoff
JP4028793B2 (ja) * 2002-12-03 2007-12-26 株式会社日立製作所 移動端末装置および端末間パケット通信方法
JP2004328029A (ja) * 2003-04-21 2004-11-18 Nec Corp ネットワークアクセスシステム
US7792133B2 (en) * 2003-05-29 2010-09-07 Nec Corporation Packet relay device and packet method, and program
JP3858884B2 (ja) * 2003-11-05 2006-12-20 日本電気株式会社 ネットワークアクセスゲートウェイ及びネットワークアクセスゲートウェイの制御方法並びにプログラム
JP4202286B2 (ja) 2004-03-05 2008-12-24 日本電信電話株式会社 Vpn接続制御方法及びシステム
JP4323355B2 (ja) * 2004-03-22 2009-09-02 株式会社日立コミュニケーションテクノロジー パケット転送装置
JP4738901B2 (ja) * 2005-06-07 2011-08-03 株式会社日立製作所 Vlanid動的割当方法及びパケット転送装置
EP1758334A1 (en) * 2005-08-26 2007-02-28 Matsushita Electric Industrial Co., Ltd. Establishment of media sessions with media adaptation

Also Published As

Publication number Publication date
CN101461198A (zh) 2009-06-17
US20100020738A1 (en) 2010-01-28
JP4598859B2 (ja) 2010-12-15
JPWO2007141840A1 (ja) 2009-10-15
CN101461198B (zh) 2012-03-14
EP2031803A1 (en) 2009-03-04
US8159989B2 (en) 2012-04-17
EP2031803A4 (en) 2011-03-30
WO2007141840A1 (ja) 2007-12-13

Similar Documents

Publication Publication Date Title
EP2031803B1 (en) Relay network system and terminal adapter apparatus
US7656872B2 (en) Packet forwarding apparatus and communication network suitable for wide area Ethernet service
EP1693996B1 (en) Automatic discovery of psuedo-wire peer addresses in ethernet-based networks
CN110635935B (zh) 为用户接口的相应服务接口使用多个evpn路由
CA2413570C (en) Address resolution method for a virtual private network, and customer edge device for implementing the method
JP5579853B2 (ja) バーチャル・プライベート・ネットワークの実現方法及びシステム
US7660324B2 (en) Virtual network construction method, system, and relaying apparatus
US7489700B2 (en) Virtual access router
CN115333884A (zh) 宽带网络业务网关与第五代核心网之间的交互
US20030154259A1 (en) Method of providing a virtual private network service through a shared network, and provider edge device for such network
JP2011515945A (ja) ローカル・ネットワーク間でデータ・パケットを通信するための方法および装置
CN101426004A (zh) 三层会话的接入方法、系统及设备
US20070165603A1 (en) Access network system, subscriber station device, and network terminal device
JP4571761B2 (ja) 仮想私設ネットワークにすでに接続されているユーザが、この仮想私設ネットワークに属さない通信デバイスと通信できるようにする方法および対応するネットワークアクセスサーバ
WO2007031006A1 (en) A virtual switching method which could be routed
EP1318631B1 (en) Address resolution method for a virtual private network, and customer edge device for implementing the method
JP4166609B2 (ja) 通信装置
EP3477897B1 (en) Method for routing data packets in a network topology
JP5261432B2 (ja) 通信システム、パケット転送方法、ネットワーク交換装置、アクセス制御装置、及びプログラム
CN116488958A (zh) 网关处理方法、虚拟接入网关、虚拟业务网关及相关设备
JP2006174508A (ja) パケット転送制御方法及びvpn識別情報の設定方法
JP2004104527A (ja) インターネットアクセスネットワーク及びアクセススイッチ装置
KR101209215B1 (ko) 네트워크의 경로 구별자 변경 방법

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20081230

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA HR MK RS

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: HITACHI, LTD.

A4 Supplementary search report drawn up and despatched

Effective date: 20110301

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

DAX Request for extension of the european patent (deleted)
RTI1 Title (correction)

Free format text: RELAY NETWORK SYSTEM AND TERMINAL ADAPTER APPARATUS

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 560501

Country of ref document: AT

Kind code of ref document: T

Effective date: 20120615

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602006029828

Country of ref document: DE

Effective date: 20120802

REG Reference to a national code

Ref country code: NL

Ref legal event code: VDEP

Effective date: 20120530

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG4D

Effective date: 20120530

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120930

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 560501

Country of ref document: AT

Kind code of ref document: T

Effective date: 20120530

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120831

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20120630

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20121001

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

REG Reference to a national code

Ref country code: IE

Ref legal event code: MM4A

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20120630

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120910

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20120630

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20120605

26N No opposition filed

Effective date: 20130301

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602006029828

Country of ref document: DE

Effective date: 20130301

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120830

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20130605

Year of fee payment: 8

Ref country code: DE

Payment date: 20130529

Year of fee payment: 8

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20130624

Year of fee payment: 8

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120530

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20120605

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20060605

REG Reference to a national code

Ref country code: DE

Ref legal event code: R119

Ref document number: 602006029828

Country of ref document: DE

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 602006029828

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: H04L0012560000

Ipc: H04L0012715000

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20140605

REG Reference to a national code

Ref country code: FR

Ref legal event code: ST

Effective date: 20150227

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 602006029828

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: H04L0012560000

Ipc: H04L0012715000

Effective date: 20150219

Ref country code: DE

Ref legal event code: R119

Ref document number: 602006029828

Country of ref document: DE

Effective date: 20150101

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20150101

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20140605

Ref country code: FR

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20140630